CFEngine3 Node

From PostgreSQL_wiki
Revision as of 22:16, 11 January 2015 by Martin (talk | contribs)
Jump to: navigation, search

Webhuis facilitates and encourages attendees to The CFEngine Roadshow to configure a blank VM of choice. We are in the process of supporting as many platforms as possible. We do have full support for debian_7 and debian_8 and partly ubuntu_14. We are working and in need of support for centos_*. We are working on opensuse_13. Mint, Gentoo, Raspberry Pi and Androids geeks are more than welcome.

Pre requisities

Fair use policy

Every individual who is using the facilities of The CFEngine Roadshow states he or she complies with the following:

  1. Will follow the instuctions given during The CFEngine Roadshow
  2. Will not disturb The CFEngine Roadshow by any kind of attacks to any of the The CFEngine Roadshow systems, it is a live demonstartion not a Cracker Camp
  3. Will not copy Commercial Software to any of the common CFEngine Roadshow utility systems
  4. Will report if the number of bootstrapped agents exceeds the count of ten, in order to receive an award

Happy bootstrapping!

Create a blank Virtual Machine

Please have your bare Virtual Machine ready before you take part in The CFEngine Roadshow. Please install a bare machine and make it as lean as possible. You even do not need to install ssh, we probably replace it anyway, just use VNC.
We assume a KVM VM. Good descriptions for are avaiable here virt-install. Example code:

# qemu-img create -f qcow2 /data/centos-6.4.qcow2 10G
# virt-install --virt-type kvm --name centos-6.4 --ram 1024 \
--cdrom=/data/CentOS-6.4-x86_64-netinstall.iso \
--disk path=/data/centos-6.4.qcow2,size=10,format=qcow2 \
--network network=default\
--graphics vnc,listen=0.0.0.0 --noautoconsole \
--os-type=linux --os-variant=rhel6

Centos 7

Netinstall CentOS-7.0-1406-x86_64-NetInstall.iso

CFEngine Roadshow Services

The CFEngine Roadshow offers services to support the creation and configuration of Nodes.

private key cfetest

It is recommended to create a cfetest user on your preferred machine and have the enclosed private key available in the .ssh directory. The create the file id_rsa with permissions 700. The passphrase of the key is CFEngine_Roadshow.

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,A5D6E322AA20CF2FC2B1FBCB9A86AF57

+tgxD1apbr5OoxVXoIrSaF3Q3HyRcacnV4mliVB9NQ2xns4fwfF12R3wH0+8aJMn
PLNcmBER9iSdvQvm9ZbNEifzhdkRp08lPK6j2e2A/Rn4ksYXdfXZw7l6G7T+w8Yo
zIUIvOg85vGOhH6VZ4tlYhMy3Mq4i4RAXbstAgxq3GI+eFqohzVxUE/+ZbgJ8twh
dh2jyAP2KQzKbGFybM1l9iqQPYXRQPyC7wRskl75Eqs7kwAcPfgVoJA2YLue4meh
w38EA6I4t3787mGUtnPxcsiXQxmo/Z8lw0Dh2KDXHTsknXBsAICG0+9kK1UK/+b+
/NLGRg+kYIiCVUQnHwgJ+TB7+IZVCs55u4zq7xT+iZ3CH2gK7DpQxco8YX3oT6tm
3xo+jQk/4GJOsYu52j60ZrABMTfBtfTKOkTAg+7g4uzCcCJAIZPKnUL4uNPmxAy1
/QaxEpblLo+Qi1jqGYPeL72YnmUbEpExJ7Ryswe/GcbRCTfBDs615q45PSMl8VyD
cyCnu4PM/ZBctPRUF/QTQE1ACJQtnSETFxRgyOHnSGBRWrPQIFfIuqU06F9Fn0Ku
CstZhbotergNzI1zEwOWm/2HOzUN4x1UerMTDJlKz/wegbgBYNcJvdiniODAMEN7
psDolgdun0i0jxEuTkwoM+r9cGqEsWUlmWyvyIrqc5PgLFejVc6Q8PH1rJZrbxgQ
tIs80ozF13WjJ9Hh8sv09d/C35TEwTMuKBhdyGBISrp/AaE7S+jPNTw2IIFTLYCI
N++sTL8FWi0mT/+xJxss/VTp5CccPjCAjGTGjYF0yazHWXuBfP+dkasL5StIzpi3
SRIIpHnFwinH9czg9sC8HO4O64hK4WegOw5+3rE1GUjBaPzH+20qtG94GQSJ/65i
FB1/Kjwv1MA50cnsu0TuWk84RrnzBkE0SA6wbgmy7BiGl/Yr8iipOD0HW7hu6osX
QiYaHrxkhYyj8Ai/0+9zXQnyb9wa4sAaA+BYW10rjpw6yaEFnzDgdH5f5n6zoiH/
SmC62uh1BafIWcq2Be7tIEukse9PieMmFhwPA4Jo94oFzbU2mQxyrzG6m1L4O1SC
P7by2dcRF/tf673/siCWOpIWSa1GPWB7uKMyP2GkYJWwtS+20D1GsKb6IuJicLwQ
aZbW57AprIBDW7eRNPPEvbmScDeO+DuoRTbHvonPhGEf+YDAV0EqZXT0gKe/cqB7
m46r7yhWrFGq85oLw+lbzPsLaXGPO2QC7pan2TNfXYGquu8u8pja+YK5Ao/V2S7M
518IG9lxFblGp8h8IK5nPPxjNF9JtHFBWmLLt29i01xNk4lcxwiUJA44KSjX9ETg
P8ihWNonJEWJgHbnyqv4KWzffY8hwiQwx4cMj4ZD9RyntdH1S3vc8gcD8MAi+CTL
I/wbGYPJJ1OF2KY6qlo1qSi5vEKR3fbKsrJD9l+4YBCHaSy9FP2IkkjpAiH++NMS
K35HhMinqAXU0lUKdHWSeJ1SDULkz0hdAaLe7xoXgw3/0xbBxE8+fKab85cKgS13
dG0ckHCrCsjtTXoXXq/6eaCFvHM5V6PXXkZtLp6OkD+VK4wm81em5pHYQbN9yfq0
vS6CMTqKVC3CyQ1lD6QMHaJxbpkbyM/U1jXVxqZTfRgFg8f9VQphYAmhsf8VOSBt
WGEbxEqZBmm5udixfP3c4bOk40O1tsH5pNC+5pT+Hb0cnQ7g4ZQAs0alhNzOyp2+
z4T/lzsQzeDO5hkc3A6U3pkPmj859BNKEUhMjX4Mv8W+2OSIpNadckpivvzsoKOi
aQsKS3oo7Dls5h0CB67xkW/UIpMov6ySfDGYqqc6Ccj1hdqgnKj7uzUoCLY5I5/i
1dEbYvRrM81AMU6o1+N6+DtdtVnVElVErzUOXC8G8BO3gaWIojKmhbc7H1jhDcQ/
l+owXdOw5yQPwr8TnWVUZDjLPjvYRdqq25CZd6J4VpvjEvXZu/ukdZnRZHW3Aqo4
jV2IaVm6MqLdIFqbSbkLj2EKaDQOr60zrpRgnc+oaHfBtXTLSH4tVaEHf9NtQiNN
aachiKneIyAo85qxu8JM5LLgClckJVqtRtM3yFert7fVmeNDXy4VK6cE1OKhJRYw
RIa6JaqtQnDuM5fCIZdKJIKTJNYX7je9VW4DGVmExuRiKTD9GRzvnDAYAydZt52X
tVF9wWGOvqfw6IZRv7vTOxsWdIuVmOjn1AJV9WSvmyFWrDdhPAfGx8BsBAow7npZ
xO5S0tTi0MgWUqNBttTsBPAkTAzHLUE2xs1dfZtAFkgPKsOjlR4DsWEbVRLAcScf
OLHjXCE8+TQVBrjMCYTZJo3mu/fZCnjTUGuaQcJFYi28zPU8dSAZ3b8ehWFMEUzv
HMt4CgJzuvNx01kt84aimO1H5mYRLTDFofqwn1jDYjijWZ44ykeiZHrQGUwC6bLL
A0Fwp2SIjjZFQrsgtdh+OerVp68UtZ3T5A4+WnbNWV7U8iWc2Edc4aw7+7zz9TyF
eOn68ySVIcaTrepBML3xfCFTAUzvn4/KJyNC+HKr/pJe9RozXmIjZQXexib5mX87
VJ3u0PIbN458ls2kgP4EMbWpr1oInuzSKmWlIn5yCxQsLHQ2A0/vDu2451yGXoj1
Dc1y7CTBUrtDrZheuZ6MrSXJ7BO7yKPjcncUHkWZIfuMLJqjIChMRVHldvDXfQ/r
WKnqs3hAgEF/GoCg5VGZJk/RECAQCNag7ZhPlrhqRGlXSwCXi2vBXUMc69Iejxc6
Ri0W3RBaIEvEg5Z8WGKCFhuZ2jJxn2FTvA7HROeWdfjIDbNj6xkmJEt3Somrdtdk
4gh+E/DKicjv9W13OBq9veOcn791oWkL1FJ/97MU4T65nGcV0nbb4IdvDxzsb0V0
ZnyZG5Ijv21NURlLMO2DGzQaWBxGzf4vhPL6bOY+hLneNQsnXMK/asmhxMhSp9+i
GBTX1p+qOKnE+WHWyOyH0nPpR1goA02ZGcVx8KWssHoOSA7yKi6/rY0CoVeHiWFY
LIWB2hLVDCICRRGCBcFWptrYy9/RT8odcjnCqfUds0r7i7ZdHf+njXVQukzLt0sV
A6PdYdR9wS8FCNUbi/eqcsH+B6NU4oeiAkcHUw12upPNKRfaSoravkWJa2WkRHNF
-----END RSA PRIVATE KEY-----

Utility Servers

Service IP address
ipssys01.webhuis.nl 10.168.0.1
cfehub01.webhuis.nl 10.168.0.10
nfssys01.webhuis.nl 10.168.0.12

Local Mirrors

OS Mirror IP address
Debian aptdeb01.webhuis.nl 10.168.0.20
Centos 7 rpmcos01.webhuis.nl 10.168.0.22
OpenSuse
Ubuntu 14.04 aptubu01.webhuis.nl 10.168.0.21

Supported Platforms

  • Debian
  • Centos / Fedora
  • Suse
  • Ubuntu

Please file a request if you do not find your preferred platform.

Images

With efficient use of bandwidth in mind the preferred method of installation is a netinstall, we assume x86_64. The CFEngine Roadshow uses local mirrors and needs no external connection in order to be able to install and configure guest VM's.

OS Images
Debian http://ftp.nl.debian.org/debian/dists/wheezy/main/installer-amd64/current/images/netboot/debian-installer/amd64/initrd.gz
http://ftp.nl.debian.org/debian/dists/wheezy/main/installer-amd64/current/images/netboot/debian-installer/amd64/initrd.gz
Centos
Fedora
OpenSuse
Ubuntu

CFEngine Community

Please install CFEngine 3.6.2-1 for your installation method of choice.

OS Package
Debian CFEngine build http://cfengine.package-repos.s3.amazonaws.com/community_binaries/cfengine-community_3.6.2-1_amd64.deb
Debian Debian-team Preferred, extra reward: https://github.com/Webhuis/Cfengine-debian
RPM based http://cfengine.package-repos.s3.amazonaws.com/community_binaries/cfengine-community-3.6.2-1.x86_64.rpm

Please keep in mind you have to wait for The CFEngine Roadshow to be available before you bootstrap your VM.

Naming convention

We use a naming convention in order to determine the role of a node*.

Role Mnemonic
apt_cacher apt
ips_server ips
nfs_server nfs
webapp_server webapp
  • Check this before you use the node, the mnemonics may change.

Use the last four octets of your Mac Address after the mnemonic as a unique identifier.

You can always check the CFEngine code that manages the role of the server here:

The CFEngine Node Role

The CFEngine Debian-team package

Debian users are encouraged to build their own package from:

Debian-team

Instructions can be found here:

Debian-team Wiki

The CFEngine Debian-team is a community initiative to make available to the community a Debian standards compliant CFEngine-Community package. Jessie is near and we are determined to bring the up to date CFEngine-Community 3.6.2 to this version of Debian. One of the major spin off of the project is that the methods we developed are applicable to other distributions too, so we will rename our initiative to the CFEngine Packaging-team.



Return to: Cfengine